What is your most annoying vulnerability in PHP?
For further actions, you may consider blocking this person and/or reporting abuse
For further actions, you may consider blocking this person and/or reporting abuse
Timeless DEV post...
The most used technology by developers is not Javascript.
It's not Python or HTML.
It hardly even gets mentioned in interviews or listed as a pre-requisite for jobs.
I'm talking about Git and version control of course.
ymc9 -
Erhan Tezcan -
Hamid Haghdoost -
Medea -
Once suspended, smn will not be able to comment or publish posts until their suspension is removed.
Once unsuspended, smn will be able to comment and publish posts again.
Once unpublished, all posts by smn will become hidden and only accessible to themselves.
If smn is not suspended, they can still re-publish their posts from their dashboard.
Once unpublished, this post will become invisible to the public and only accessible to Alex Siman.
They can still re-publish the post if they are not suspended.
Thanks for keeping DEV Community safe. Here is what you can do to flag smn:
Unflagging smn will restore default visibility to their posts.
Top comments (14)
WordPress 😛
Despite all its vulnerabilities, WordPress's still the most popular web platform :)
WordPress has definitely make its history. And it's not terrible. But you shouldn't solely base it on popularity.
Just because there is a super popular person in school, doesn't make them a better person.
AFAIK Wordpress without a lot of plugins isn't that bad in terms of security.
race conditions.Also in many languages.:(
Some example? I have no problem with this.
CVE-2017-16871 In fact, it is not common in php (golang is more). It is hard exploit and hard to find, but I can't ignore it, which leads me to check code like multi-step sql operation frequently.
I tried a stupid sql operation to add user data (such as gold coins), and then add the number of user operations in the database.Sorry,not my open source code。
Use complex SQL or transaction.
Yes. So I was stupid at the time.But sometimes I can't use sql ransaction. Because maybe I are calling an external api or other operation.
This is not vulnerability PHP. This is bad manipulation with database.
sorry,I may understand the wrong title.But if you only say php specific vulnerabilities,Should only be file include bug and some php Internal implementation vulnerability.
Bad developers.
Yeah, I have noticed that PHP attracts a lot of newbies because of its simplicity to kickstart a web development. Especially that was a case somewhere around 2006 to 2010 in the era of LAMP stacks.